Google Git
Sign in
chromium / chromium / src / third_party / tlslite / 8060d37a40c1c5f96ad6edd0faf31d35d1d2ad05^! / .
commit8060d37a40c1c5f96ad6edd0faf31d35d1d2ad05[log] [tgz]
authornharper <nharper@chromium.org>Fri Aug 21 20:18:40 2015
committerCommit bot <commit-bot@chromium.org>Fri Aug 21 20:19:14 2015
treefef28f021ec061cef667a7031884d84d4657acff
parentae1080e17c94f020bc5fce6ef314c3565f7ed5c3 [diff]
Fix extended master secret implementation in tlslite

The previous cl (http://crrev.com/1306553002) didn't properly handle the field
in HandshakeSettings, resulting in extended master secret always being enabled,
regardless of what was passed in.

BUG=467312

Review URL: https://codereview.chromium.org/1301403002

Cr-Original-Commit-Position: refs/heads/master@{#344846}
Cr-Mirrored-From: https://chromium.googlesource.com/chromium/src
Cr-Mirrored-Commit: b6248b5a92ab416011b4aadcb40adc83cab00c35

diff --git a/patches/extended_master_secret.patch b/patches/extended_master_secret.patch
index 19bf407..b6ad58d 100644
--- a/patches/extended_master_secret.patch
+++ b/patches/extended_master_secret.patch

@@ -11,7 +11,7 @@
      supports_npn = 13172
      channel_id = 30032
 diff --git a/third_party/tlslite/tlslite/handshakesettings.py b/third_party/tlslite/tlslite/handshakesettings.py
-index 605ed42..7679823 100644
+index 605ed42..a7b6ab9 100644
 --- a/third_party/tlslite/tlslite/handshakesettings.py
 +++ b/third_party/tlslite/tlslite/handshakesettings.py
 @@ -111,6 +111,10 @@ class HandshakeSettings(object):
@@ -33,6 +33,14 @@
  
      # Validates the min/max fields, and certificateTypes
      # Filters out unsupported cipherNames and cipherImplementations
+@@ -146,6 +151,7 @@ class HandshakeSettings(object):
+         other.tlsIntolerant = self.tlsIntolerant
+         other.tlsIntoleranceType = self.tlsIntoleranceType
+         other.alertAfterHandshake = self.alertAfterHandshake
++        other.enableExtendedMasterSecret = self.enableExtendedMasterSecret
+ 
+         if not cipherfactory.tripleDESPresent:
+             other.cipherNames = [e for e in self.cipherNames if e != "3des"]
 diff --git a/third_party/tlslite/tlslite/mathtls.py b/third_party/tlslite/tlslite/mathtls.py
 index 60a331a..0a23fe1 100644
 --- a/third_party/tlslite/tlslite/mathtls.py

diff --git a/tlslite/handshakesettings.py b/tlslite/handshakesettings.py
index 7679823..a7b6ab9 100644
--- a/tlslite/handshakesettings.py
+++ b/tlslite/handshakesettings.py

@@ -151,6 +151,7 @@
         other.tlsIntolerant = self.tlsIntolerant
         other.tlsIntoleranceType = self.tlsIntoleranceType
         other.alertAfterHandshake = self.alertAfterHandshake
+        other.enableExtendedMasterSecret = self.enableExtendedMasterSecret
 
         if not cipherfactory.tripleDESPresent:
             other.cipherNames = [e for e in self.cipherNames if e != "3des"]